In news both interesting and frightening, the domain name for Panix, the oldest commercial internet service provider in New York, was hijacked out from under them on Friday night. Both the notice about the hijacking and various progress reports about how it’s been handled by the involved companies have been posted on Panix’s temporary home on the net and over at the North American Network Operators Group (NANOG) mailing list (search for “panix.com” and you’ll find the posts), but the short version is that the registrars have handled it horribly, leaving Panix without use of its primary domain name for going on 48 hours now. And what people need to remember is that, during the time Panix hasn’t been in control of the domain, whoever was responsible for the hijacking can easily have had computers running which have been able to capture every single username, password, piece of email, file, and whatever else clients have sent to what they thought were valid panix.com machines. Pretty frightening.
The thing that’s most surprising to me is that this hasn’t gotten a whole hell of a lot in the way of press; as of right now, searching Google News for “panix” brings up only three relevant news articles. Honestly, this seems to me to be the perfect example of how the internet has expanded faster than the ability of the relevant organizations to protect the immense time, energy, and money people invest in it, but the story’s not getting much coverage right now. I imagine that if microsoft.com were the domain hijacked, we’d be hearing more about it, but it’s not like Panix is a small fish, it’s just not a blue whale — and that’s enough to shove the story off the radar over a holiday weekend. Alas.